﻿<!-- #Include File="../Include/Admin_Onlogin.asp" -->
<%
Data_Name = "{prefix}Attachment"
strFileName = "Admin_UploadFile.asp"
Dim sqlAuth, rsAuth, PurviewID
sqlAuth = "Select AuthID From Admin_Auth Where href='Admin/" & strFileName & "' Order By sort Asc,AuthID Asc"
Call Exec(rsAuth,sqlAuth,2)
If rsAuth.BOF And rsAuth.EOF Then
	PurviewID = 0
Else
	PurviewID = rsAuth(0)
	CheckPurview PurviewID,0
End If
rsAuth.Close
Set rsAuth = Nothing
Select Case Action
Case "Del"
	sqlAuth = "Select AuthID From Admin_Auth Where pid="&PurviewID&" And href='UploadFile/Del' Order By sort Asc,AuthID Asc"
	Call Exec(rsAuth,sqlAuth,2)
	If rsAuth.BOF And rsAuth.EOF Then
		CheckPurview 0,1
	Else
		CheckPurview rsAuth(0),1
	End If
	rsAuth.Close
	Set rsAuth = Nothing
	Call Del()
Case Else
	Call Main()
End Select
Call CloseConn()
Set Fso = nothing

Sub Main()
	If Request.ServerVariables("REQUEST_METHOD") = "POST" Then
		ChannelID = Code_CLng(Trim(Code_Form("ChannelID")))
		Sql = "Select * From ["&Data_Name&"]"
		If ChannelID<>0 Then
			Sql = Sql & " Where ChannelID=" & ChannelID & ""
		End If
		Sql = Sql & " Order By ID Desc"
		Call Exe_Conn(Rs,Sql,1)
		i = 0
		If Rs.BOF And Rs.EOF Then
			data = ""
		Else
			If Request("Page") <> "" Then
				CurrentPage = Code_CLng(Request("Page"))
			Else
				CurrentPage = 1
			End If
			MaxPerPage = Code_CLng(Trim(Request("limit")))
			If MaxPerPage <= 0 Then MaxPerPage = 10
			totalPut = Rs.RecordCount
			If CurrentPage < 1 Then
				CurrentPage = 1
			End If
			If (CurrentPage - 1) * MaxPerPage > totalPut Then
				If (totalPut Mod MaxPerPage) = 0 Then
					CurrentPage = totalPut \ MaxPerPage
				Else
					CurrentPage = totalPut \ MaxPerPage + 1
				End If
			End If
			If CurrentPage > 1 Then
				If (CurrentPage - 1) * MaxPerPage < totalPut Then
					Rs.Move (CurrentPage - 1) * MaxPerPage
				Else
					CurrentPage = 1
				End If
			End If
			Do While Not Rs.Eof
				If rs("ChannelID") > 0 Then
					sqlChannel = "select * from Channel where ChannelID=" & Code_CLng(rs("ChannelID"))
					Call Exec(rsChannel,sqlChannel,2)
					If rsChannel.BOF And rsChannel.EOF Then
						ChannelTit = ""
						rsChannel.Close
						Set rsChannel = Nothing
					Else
						ChannelTit = ToUnicode(Code_Html(rsChannel("ChannelTit"),1,0))
						rsChannel.Close
						Set rsChannel = Nothing
					End If
				End If
				sqlAdmin="select * from Admin where ID=" & Code_CLng(Trim(Rs("adminid")))
				Call Exec(rsAdmin,sqlAdmin,2)
				If rsAdmin.BOF And rsAdmin.EOF Then
					AdminName = ""
					rsAdmin.Close
					Set rsAdmin=Nothing
				Else
					AdminName = "<font Admin=blue>" & ToUnicode(rsAdmin("UserName")) & "</font>"
					rsAdmin.Close
					Set rsAdmin=Nothing
				End If
				sqlClass="select * from Class where ClassID=" & Code_CLng(Trim(Rs("cid")))
				Call Exec(rsClass,sqlClass,2)
				If rsClass.BOF And rsClass.EOF Then
					ClassName = "<font class=red>未使用</font>"
					rsClass.Close
					Set rsClass=Nothing
				Else
					ClassName = "<font class=blue>" & ToUnicode(rsClass("ClassName")) & "</font>"
					rsClass.Close
					Set rsClass=Nothing
				End If
				If i=0 Then
					data = data & "{""id"":"&Rs("id")&",""name"":"""&ToUnicode(Rs("oldname"))&""",""url"":"""&Rs("fullname")&""",""ChannelName"":"""&ChannelTit&""",""ClassName"":"""&ClassName&""",""AdminName"":"""&AdminName&""",""ext"":"""&Rs("fileext")&""",""ico"":""../Plugins/assets/images/ext/"&Rs("fileext")&".png"",""size"":"""&GetSize(Rs("filesize"),"k")&""",""time"":"""&Time_Type(Rs("createdate"),1)&"""}"
				Else
					data = data & ",{""id"":"&Rs("id")&",""name"":"""&ToUnicode(Rs("oldname"))&""",""url"":"""&Rs("fullname")&""",""ChannelName"":"""&ChannelTit&""",""ClassName"":"""&ClassName&""",""AdminName"":"""&AdminName&""",""ext"":"""&Rs("fileext")&""",""ico"":""../Plugins/assets/images/ext/"&Rs("fileext")&".png"",""size"":"""&GetSize(Rs("filesize"),"k")&""",""time"":"""&Time_Type(Rs("createdate"),1)&"""}"
				End If
				iCount = iCount + 1
				If iCount >= MaxPerPage Then Exit Do
				Rs.MoveNext
				i=i+1
			Loop
			Rs.Close
		End If
		If totalPut = 0 Then
			Response.Write "{""code"":201,""msg"":""\u65e0\u6570\u636e""}" & vbCrLf
		Else
			Response.Write "{""code"":0,""msg"":""\u83b7\u53d6\u6210\u529f!"",""count"":"&totalPut&",""data"":["&data&"],""rel"":1}" & vbCrLf
		End If
		Response.End()
	Else
		Response.Write "<!DOCTYPE html>" & vbCrLf
		Response.Write "<head>" & vbCrLf
		Response.Write "<title>附件管理</title>" & vbCrlf
		Response.Write "<meta http-equiv='Content-Type' content='text/html; charset=utf-8'>" & vbCrLf
		Response.Write "<meta name='viewport' content='width=device-width, initial-scale=1, maximum-scale=1'>" & vbCrLf
		Response.Write "<meta name='apple-mobile-web-app-status-bar-style' content='black'>" & vbCrLf
		Response.Write "<meta name='apple-mobile-web-app-capable' content='yes'>" & vbCrLf
		Response.Write "<meta name='format-detection' content='telephone=no'>" & vbCrLf
		Response.Write "<link rel=""stylesheet"" type=""text/css"" href=""../fonts/font-awesome/css/font-awesome.min.css"" />" & vbCrLf
		Response.Write "<link href='../Plugins/layui/css/layui.css' rel='stylesheet' type='text/css' />" & vbCrLf
		Response.Write "<link rel=""stylesheet"" href=""../Style/global.css"" media=""all"">" & vbCrLf
		Response.Write "<link rel=""stylesheet"" href=""../Style/font.css"" media=""all"">" & vbCrLf
		Response.Write "<script type='text/javascript'>" & vbCrLf
		Response.Write "var pc_file = '" & InstallDir & "';" & vbCrLf
		Response.Write "var admin_file = '" & AdminFolder & "/';" & vbCrLf
		Response.Write "</script>" & vbCrLf
		Response.Write "<script type='text/javascript' src='../Js/Admin.js'></script>" & vbCrLf
		Response.Write "<script type='text/javascript' src='../../Dialog/main.js'></script>" & vbCrLf
		Response.Write "<script type='text/javascript' src='../../Dialog/lhgcore.min.js'></script>" & vbCrLf
		Response.Write "<script type='text/javascript' src='../../Dialog/lhgcalendar.min.js'></script>" & vbCrLf
		Response.Write "<script type=""text/javascript"" src=""../Plugins/layui/layui.js""></script>" & vbCrLf
		Response.Write "<script type=""text/javascript"">" & vbCrLf
		Response.Write "$(document).ready(function(){}).keydown(function(e){" & vbCrLf
		Response.Write "    if (e.which === 27) {" & vbCrLf
		Response.Write "        layer.closeAll();" & vbCrLf
		Response.Write "    }" & vbCrLf
		Response.Write "});" & vbCrLf
		Response.Write "</script>" & vbCrLf
		Response.Write "</head>" & vbCrlf
		Response.Write "<body>" & vbCrlf
		Response.Write "<div class=""admin-main layui-anim layui-anim-upbit"">" & vbCrLf
		Response.Write "    <fieldset class=""layui-elem-field layui-field-title"">" & vbCrLf
		Response.Write "        <legend>附件管理</legend>" & vbCrLf
		Response.Write "    </fieldset>" & vbCrLf
		Response.Write "    <blockquote class=""layui-elem-quote"">" & vbCrLf
		Response.Write "        <a href=""javascript:void(0);"" onClick=""parent.tab.tabAdd({'id': 1,'href': 'Admin\/Admin_UploadFile_Clear.asp','title': '\u9644\u4ef6\u6e05\u7406'});"" class=""layui-btn layui-btn-sm layui-btn-normal"">" & vbCrlf
		Response.Write "            <i class=""fa fa-trash-o""></i> 附件清理" & vbCrlf
		Response.Write "        </a>" & vbCrlf
		Response.Write "        <a href=""?Action=Main"" class=""layui-btn layui-btn-sm" & Check_Object2(ChannelID,""," layui-btn-danger") & """>" & vbCrlf
		Response.Write "            <i class=""fa fa-folder-open""></i> 附件管理" & vbCrlf
		Response.Write "        </a>" & vbCrLf
		Sql = "Select * From Channel Where ChannelHidden=" & WK_False & " Order By ChannelOrder Asc,ChannelID Asc"
		Call Exec(Rs,Sql,2)
		If rs.BOF And rs.EOF Then
			rs.Close
			Set rs = Nothing
		Else
			Do While Not rs.EOF
				Response.Write "        <a href=""?ChannelID=" & rs("ChannelID") & """ class=""layui-btn layui-btn-sm" & Check_Object2(Trim(rs("ChannelID")),ChannelID," layui-btn-danger") & """>" & vbCrlf
				Response.Write "            <i class=""fa fa-"
				If rs("ModuleType")=2 Then
					Response.Write "image"
				ElseIf rs("ModuleType")=3 Then
					Response.Write "download"
				ElseIf rs("ModuleType")=4 Then
					Response.Write "shopping-cart"
				Else
					Response.Write "list"
				End If
				Response.Write """></i> "&rs("ChannelTit")&"附件管理" & vbCrlf
				Response.Write "        </a>" & vbCrlf
				rs.MoveNext
			Loop
			rs.Close
			Set rs = Nothing
		End If
		Response.Write "    </blockquote>" & vbCrLf
		Response.Write "    <table class=""layui-table"" id=""list"" lay-filter=""list""></table>" & vbCrLf
		Response.Write "</div>" & vbCrLf
		Response.Write "<script type=""text/html"" id=""action"">" & vbCrLf
		Response.Write "    <a onClick=""preview_image('{{d.url}}');"" class=""layui-btn layui-btn-xs layui-btn-normal"">浏览</a>" & vbCrlf
		Response.Write "    <a class=""layui-btn layui-btn-xs layui-btn-danger"" lay-event=""del"">删除</a>" & vbCrLf
		Response.Write "</script>" & vbCrLf
		Response.Write "<script>" & vbCrLf
		Response.Write "    layui.use('table', function() {" & vbCrLf
		Response.Write "        var table = layui.table, $ = layui.jquery;" & vbCrLf
		Response.Write "        var tableIn=table.render({" & vbCrLf
		Response.Write "            elem: '#list'," & vbCrLf
		Response.Write "            url: '?Action=Main'," & vbCrLf
		Response.Write "            method: 'post'," & vbCrLf
		Response.Write "            where: { //设定异步数据接口的参数" & vbCrLf
		Response.Write "                ChannelID: '"&Trim(Request("ChannelID"))&"'" & vbCrLf
		Response.Write "            }," & vbCrLf
		Response.Write "            cellMinWidth: 80," & vbCrLf
		Response.Write "            page:true," & vbCrLf
		Response.Write "            cols: [[" & vbCrLf
		Response.Write "                {field: 'id', title: '编号', width:80, fixed: true}," & vbCrLf
		Response.Write "                {field: 'AdminName', title: '作者', width: 100}," & vbCrLf
		Response.Write "                {field: 'name', title: '名称', width: 260}," & vbCrLf
		Response.Write "                {field: 'ext', title: '扩展名', width: 80}," & vbCrLf
		Response.Write "                {field: 'size', title: '文件大小', width: 160}," & vbCrLf
		Response.Write "                {field: 'time', title: '上传时间', width: 160}," & vbCrLf
		Response.Write "                {field: 'ClassName', title: '附件归属', width: 200}," & vbCrLf
		Response.Write "                {field: 'ChannelName', title: '所属模型', width: 100}," & vbCrLf
		Response.Write "                {title: '操作', width: 180, align: 'center', toolbar: '#action'}" & vbCrLf
		Response.Write "            ]]" & vbCrLf
		Response.Write "        });" & vbCrLf
		Response.Write "        table.on('tool(list)', function(obj) {" & vbCrLf
		Response.Write "            var data = obj.data;" & vbCrLf
		Response.Write "            if(obj.event === 'del'){" & vbCrLf
		Response.Write "                layer.confirm('你确定要删除吗？', function(index){" & vbCrLf
		Response.Write "                    $.ajax({" & vbCrLf
		Response.Write "                        type: 'post'," & vbCrLf
		Response.Write "                        url: '?Action=Del'," & vbCrLf
		Response.Write "                        data: {id: data.id}," & vbCrLf
		Response.Write "                        dataType: 'json'," & vbCrLf
		Response.Write "                        success: function(res) {" & vbCrLf
		Response.Write "                            if (res.code == 1) {" & vbCrLf
		Response.Write "                                layer.msg(res.msg,{time:1000,icon:1});" & vbCrLf
		Response.Write "                                obj.del();" & vbCrLf
		Response.Write "                            }else{" & vbCrLf
		Response.Write "                                layer.msg(res.msg,{time:1000,icon:2});" & vbCrLf
		Response.Write "                            }" & vbCrLf
		Response.Write "                        }" & vbCrLf
		Response.Write "                    });" & vbCrLf
		Response.Write "                    layer.close(index);" & vbCrLf
		Response.Write "                });" & vbCrLf
		Response.Write "            }" & vbCrLf
		Response.Write "        });" & vbCrLf
		Response.Write "    });" & vbCrLf
		Response.Write "</script>" & vbCrLf
		Response.Write "</body>" & vbCrLf & "</html>"
	End If
End Sub

Sub Del()
	If Request.ServerVariables("REQUEST_METHOD") = "POST" Then
		ID = Code_CLng(Trim(Code_Form("ID")))
		Fn_Sql = "Select * From ["&Data_Name&"] WHERE ID="& ID &""
		Call Exec(Fn_Rs,Fn_Sql,2)
		If Not(Fn_Rs.Eof) Then
			IsContentExist = True
			fullname = Fn_Rs("fullname")
			filepath = Fn_Rs("filepath")
		Else
			IsContentExist = False
		End If
		If Action = "Del" And IsContentExist Then
			Set Cfs=New Cls_FileSystem
			If Cfs.Chk_Exist(fullname,1) Then Cfs.Del_File fullname
			Set Fso = Server.CreateObject(Fso_Sys)
			If Cfs.Chk_Exist(filepath,0) Then
				Set all = Fso.GetFolder(Server.MapPath(filepath)).Files
				If all.Count=0 Then
					Cfs.Del_Folder filepath
				End If
			End If
			Set Cfs=Nothing
			Call Exec("","Delete From "&Data_Name&" Where ID=" & ID,0)
		End If
		If ID<>"" Then
			Response.Write "{""msg"":""\u6210\u529f\u5220\u9664\u6587\u4ef6\uff08"& ID &"\uff09\uff01"",""code"":1}"
			Response.End()
		End If
	End If
End Sub
%>